feat: support private GKE nodes (#192)

Co-authored-by: Andrew Peabody <[email protected]>
terraform-google-modules · Sep 24, 2024 · 730f92b · 730f92b
1 parent 1c87ebb
commit 730f92b
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 5 deletions.
diff --git a/examples/gh-runner-gke-dind-rootless/main.tf b/examples/gh-runner-gke-dind-rootless/main.tf
@@ -27,6 +27,7 @@ module "runner-gke" {
   gh_app_installation_id = "12345678"
   gh_app_private_key     = "sample"
   gh_config_url          = "https://github.com/ORGANIZATION"
+  enable_private_nodes   = true
 
   # pass values.yaml for dind-rootless runners configuratin
   arc_runners_values = [

diff --git a/examples/gh-runner-gke-dind/main.tf b/examples/gh-runner-gke-dind/main.tf
@@ -28,4 +28,5 @@ module "runner-gke" {
   gh_app_private_key     = "sample"
   gh_config_url          = "https://github.com/ORGANIZATION"
   arc_container_mode     = "dind"
+  enable_private_nodes   = true
 }
diff --git a/modules/gh-runner-gke/README.md b/modules/gh-runner-gke/README.md
@@ -83,6 +83,7 @@ This example shows how to deploy Self Hosted Runners on GKE that supports Docker
 | arc\_systems\_namespace | Namespace created for the ARC operator pods. | `string` | `"arc-systems"` | no |
 | cluster\_suffix | Name of the GitHub organization associated with this runner cluster. | `string` | `"arc"` | no |
 | create\_network | When set to true, VPC will be auto created | `bool` | `true` | no |
+| enable\_private\_nodes | Whether nodes have internal IP addresses only. | `bool` | `false` | no |
 | gh\_app\_id | After creating the GitHub App, on the GitHub App's page, note the value for "App ID". | `string` | n/a | yes |
 | gh\_app\_installation\_id | You can find the app installation ID on the app installation page, which has the following URL format: `https://github.com/organizations/ORGANIZATION/settings/installations/INSTALLATION_ID` | `string` | n/a | yes |
 | gh\_app\_pre\_defined\_secret\_name | Name for the k8s secret required to configure gh runners on GKE via GitHub App authentication | `string` | `"gh-app-pre-defined-secret"` | no |

diff --git a/modules/gh-runner-gke/main.tf b/modules/gh-runner-gke/main.tf
@@ -70,11 +70,12 @@ module "runner-cluster" {
   deletion_protection      = false
   node_pools = [
     {
-      name         = "runner-pool"
-      min_count    = var.min_node_count
-      max_count    = var.max_node_count
-      auto_upgrade = true
-      machine_type = var.machine_type
+      name                 = "runner-pool"
+      min_count            = var.min_node_count
+      max_count            = var.max_node_count
+      auto_upgrade         = true
+      machine_type         = var.machine_type
+      enable_private_nodes = var.enable_private_nodes
     }
   ]
 }

diff --git a/modules/gh-runner-gke/variables.tf b/modules/gh-runner-gke/variables.tf
@@ -183,3 +183,9 @@ variable "arc_runners_values" {
   description = "List of values in raw yaml format to pass to helm for ARC runners scale set chart"
   default     = []
 }
+
+variable "enable_private_nodes" {
+  type        = bool
+  description = "Whether nodes have internal IP addresses only."
+  default     = false
+}